package com.xiong.springsecurity.controller;


import com.xiong.springsecurity.domain.User;
import com.xiong.springsecurity.mapper.UserMapper;
import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.annotation.Resource;
import java.util.List;

/**
 * 必须是这个注解，因为是模拟前后端分离的restful风格的请求，要求每个方法返回 json
 * @author XiongDa
 */
@RestController
@RequiredArgsConstructor
public class OrderController {

    private final UserMapper userMapper;

    @GetMapping(value = "/test")
    public String create(){
        List<User> users = userMapper.selectList(null);
        System.out.println(users);

        return "熊熊很酷";
    }

    @GetMapping(value = "/test1")
    @PreAuthorize("hasAuthority('system:user:list1')")
    public String create1(){
        List<User> users = userMapper.selectList(null);
        System.out.println(users);

        return "熊熊很酷1";
    }

    @GetMapping(value = "/test2")
    @PreAuthorize("@permissionCustomHandler.hasAuthority('system:user:list')")
    public String create2(){
        List<User> users = userMapper.selectList(null);
        System.out.println(users);

        return "熊熊很酷2";
    }

}
